Oval Definition:oval:org.mitre.oval:def:28215
Revision Date:2015-03-09Version:5
Title:USN-2399-1 -- curl vulnerability
Description:Symeon Paraschoudis discovered that curl incorrectly handled memory whenbeing used with CURLOPT_COPYPOSTFIELDS and curl_easy_duphandle(). This mayresult in sensitive data being incorrectly sent to the remote server.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2014-3707
USN-2399-1
Platform(s):Ubuntu 10.04
Ubuntu 12.04
Ubuntu 14.04
Ubuntu 14.10
Product(s):curl
Definition Synopsis
  • Ubuntu 14.10 release section
  • Ubuntu 14.10 is installed
  • AND Packages match section
  • libcurl3-nss is earlier than 0:7.37.1-1ubuntu3.1
  • OR libcurl3-gnutls is earlier than 0:7.37.1-1ubuntu3.1
  • OR libcurl3 is earlier than 0:7.37.1-1ubuntu3.1
  • Ubuntu 14.04 release section
  • Ubuntu 14.04 is installed
  • AND Packages match section
  • libcurl3-nss is earlier than 0:7.35.0-1ubuntu2.2
  • OR libcurl3-gnutls is earlier than 0:7.35.0-1ubuntu2.2
  • OR libcurl3 is earlier than 0:7.35.0-1ubuntu2.2
  • Ubuntu 12.04 release section
  • Ubuntu 12.04 is installed
  • AND Packages match section
  • libcurl3-nss is earlier than 0:7.22.0-3ubuntu4.11
  • OR libcurl3-gnutls is earlier than 0:7.22.0-3ubuntu4.11
  • OR libcurl3 is earlier than 0:7.22.0-3ubuntu4.11
  • Ubuntu 10.04 release section
  • Ubuntu 10.04 is installed
  • AND Packages match section
  • libcurl3-gnutls is earlier than 0:7.19.7-1ubuntu1.10
  • OR libcurl3 is earlier than 0:7.19.7-1ubuntu1.10
    • BACK